Cyber Threat Intelligence: The Need for Coherence and Coordination

Regarding cyber threats as a key challenge to their core security interests, NATO and the EU jointly declared at the NATO Warsaw Summit in 2016 that cooperating in countering cyber threats will be of strategic priority. Both actors also have recognized that the provision of relevant intelligence is vital in response to these threats. The current EU Global Strategy underlines the necessity of timely information sharing and situational awareness: “In security terms, terrorism, hybrid threats and organized crime know no borders. Member State efforts should […] be more joined-up: cooperation between our law enforcement, judicial and intelligence services must be strengthened.” Simultaneously, NATO and the EU are in ongoing efforts toward the improvement of intelligence (sharing) capacities. What is needed though, is a clear strategic concept of tasks, competences, and fields of cooperation between the two.

At the EU level, there is a complex set of mandates shared between institutions regarding cyber security activities. Three quasi-intelligence bodies exist within the EU framework: the European Union Military Staff Intelligence Directorate (EUMS INT), the European Union Intelligence and Situation Centre (IntCen), and the European Union Satellite Centre (SatCen). They all play a significant role in the EU Common Foreign and Security Policy, including cyber security. Other bodies, such as the Hybrid Threat Centre of Excellence in Helsinki, explicitly aim at a closer cooperation between EU and NATO by sharing classified information and cooperating on analysis, prevention, and early detection, complete the cyber security landscape within the EU.

Within NATO this year, a fundamental reform has been put into place, with its new Joint Intelligence and Security Division (JISD) at NATO Headquarters, including a Terrorism Intelligence Cell and a special branch for hybrid analysis. Its mandate is to monitor and analyze all sorts of hybrid actions, drawing from military and civilian, classified, and open sources. However, JISD only complements existing NATO intelligence structures: established in 2006 NATO holds a military led Intelligence Fusion Centre in the United Kingdom and several committees (military, civilian, security) representing national member states’ intelligence services.

The present framework of NATO and EU intelligence has grown naturally without a common concept. While this has led to substantial progress in building up intelligence capacity, joint planning, coherent cooperation, and coordination are still required. This includes a clear definition of the various institutions and their responsibilities, especially with regard to a blurred space such as the cyber sphere.

The EU and NATO have twenty-two members in common. Facing identical security challenges, both should make an effort to plan intelligence cooperation strategically, based on commonly defined priorities. Intelligence, though remaining national sovereignty, will be the key to handling a large spectrum of threats and counter measures, requiring time and investments in financial and human resources. The transatlantic community should address this multifaceted issue and make it a priority of the NATO Summit in 2018.

German Bundestag

Pia Seyfried is a legislative assistant for European policy in the German Bundestag and an assistant to the board of Women in International Security Germany e.V. (WIIS.de). She gives lectures on European affairs at the Berlin School of Economics and Law, and publishes articles focusing on EU security policy and intelligence cooperation. Pia Seyfried holds MAs in Political and European Affairs from the Institut d’Etudes Politiques Lille, the University of Münster, and the College of Europe in Warsaw. In a voluntary capacity, she works as the Young DGAP’s Deputy Speaker and manages the Salon Kaleidoskop.

Redesigning Organizations: Concepts for the Connected Society, edited by Denise Feldner, is now available. The book offers readers a deeper understanding of the cyberspace, of how institutions and industries are reinventing …